<?php
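// Open the database connection.
// config.php presumably defines $host, $user, $pass and $db (they are not set anywhere in this file).
require 'config.php';

$connectError = null;
try {
    $conn = new mysqli($host, $user, $pass, $db);
    $connectError = $conn->connect_error;
} catch (mysqli_sql_exception $e) {
    // PHP 8.1+ reports mysqli failures as exceptions by default, so the
    // connect_error check alone would never run there.
    $connectError = $e->getMessage();
}

if ($connectError) {
    // Driver error text can reveal host names, account names and server details.
    // It goes to the server log; the visitor only gets a generic message.
    error_log('Database connection failed: ' . $connectError);
    http_response_code(500);
    die("数据库连接失败");
}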

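// Handle the search request.
// The original version of this block interpolated $_GET['search'] straight into the SQL
// text, so the request could change the structure of the query (SQL injection).
// Here the keyword is sent as a bound parameter of a prepared statement and is therefore
// always treated as data. '%' and '_' typed by the user still act as LIKE wildcards.
$searchResults = [];
// ?search[]=x arrives as an array; only plain strings are searched.
if (isset($_GET['search']) && is_string($_GET['search'])) {
    $searchKeyword = $_GET['search'];
    $searchPattern = '%' . $searchKeyword . '%';
    $sql = "SELECT title, content, published_at FROM news WHERE title LIKE ? OR content LIKE ? ORDER BY published_at DESC";
    try {
        $stmt = $conn->prepare($sql);
        if ($stmt !== false) {
            $stmt->bind_param('ss', $searchPattern, $searchPattern);
            if ($stmt->execute()) {
                // get_result() needs the mysqlnd driver.
                $searchResult = $stmt->get_result();
                if ($searchResult !== false) {
                    while ($row = $searchResult->fetch_assoc()) {
                        $searchResults[] = $row;
                    }
                }
            }
            $stmt->close();
        }
    } catch (mysqli_sql_exception $e) {
        // A failed query leaves the result list empty; details stay in the server log.
        error_log('News search failed: ' . $e->getMessage());
    }
}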

// Fetch the five most recently published news rows.
// The statement is a fixed string with no request data in it.
$sql = 'SELECT title, content, published_at FROM news'
    . ' ORDER BY published_at DESC LIMIT 5';
$result = $conn->query($sql);

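// Build the list of downloadable files from the uploads directory.
$uploadDir = 'uploads/';
$files = [];
if (is_dir($uploadDir)) {
    $entries = scandir($uploadDir);
    // scandir() returns false when the directory cannot be read; passing that to
    // array_diff() would raise a TypeError on PHP 8.
    if ($entries !== false) {
        foreach ($entries as $entry) {
            // Skip '.', '..' and other dot-files (e.g. per-directory server configuration),
            // and anything that is not a regular file, so only real downloads are listed.
            if ($entry[0] === '.' || !is_file($uploadDir . $entry)) {
                continue;
            }
            $files[] = $entry;
        }
    }
}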
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="icon" href="favicon.ico" type="image/x-icon">
    <title>Ai自动化渗透测试靶场：解放双手，智能攻防！</title>
    <style>
        /* 全局样式 */
        * {
            box-sizing: border-box;
            margin: 0;
            padding: 0;
        }
        
        body {
            font-family: 'Microsoft YaHei', Arial, sans-serif;
            margin: 0;
            padding: 0;
            background-color: #ffffff;
            line-height: 1.6;
            color: #333;
        }
        
        /* 头部样式 */
        header {
            background: linear-gradient(135deg, #ffffff 0%, #f8f9fa 100%);
            color: #333;
            padding: 10px 0;
            text-align: center;
            box-shadow: 0 2px 10px rgba(0, 0, 0, 0.05);
            border-bottom: 1px solid #e9ecef;
        }
        
        .header-content {
            max-width: 1200px;
            margin: 0 auto;
            display: flex;
            align-items: center;
            justify-content: center;
            gap: 15px;
            padding: 0 20px;
        }
        
        .logo {
            height: 60px;
            transition: transform 0.3s ease;
        }
        
        .logo:hover {
            transform: scale(1.05);
        }
        
        /* 导航栏样式 */
        nav {
            background-color: #fff;
            box-shadow: 0 2px 10px rgba(0, 0, 0, 0.05);
            margin-bottom: 20px;
        }
        
        .nav-container {
            max-width: 1200px;
            margin: 0 auto;
            padding: 0 20px;
        }
        
        .nav-menu {
            list-style: none;
            display: flex;
            overflow-x: auto;
            padding: 10px 0;
            justify-content: center;
            flex-wrap: wrap;
            gap: 10px;
        }
        
        .nav-item {
            margin: 0 5px;
        }
        
        .nav-link {
            display: block;
            padding: 8px 16px;
            color: #333;
            text-decoration: none;
            border-radius: 20px;
            transition: all 0.3s ease;
            white-space: nowrap;
            font-weight: 500;
        }
        
        .nav-link:hover {
            background-color: #4CAF50;
            color: #fff;
            transform: translateY(-2px);
            box-shadow: 0 4px 8px rgba(76, 175, 80, 0.2);
        }
        
        /* 容器样式 */
        .container {
            max-width: 1200px;
            margin: 0 auto;
            background-color: #fff;
            border-radius: 10px;
            padding: 30px;
            box-shadow: 0 5px 20px rgba(0, 0, 0, 0.05);
            margin-bottom: 30px;
        }
        
        /* 两栏布局 */
        .columns {
            display: flex;
            gap: 30px;
            margin-top: 20px;
        }
        
        .left-column {
            flex: 3;
        }
        
        .right-column {
            flex: 1;
            background-color: #f8f9fa;
            border-radius: 10px;
            padding: 20px;
            height: fit-content;
            position: sticky;
            top: 20px;
        }
        
        /* 搜索表单 */
        .search-form {
            margin-bottom: 30px;
            padding: 20px;
            background-color: #f8f9fa;
            border-radius: 10px;
            text-align: center;
        }
        
        .search-form input[type="text"] {
            width: 70%;
            padding: 12px 20px;
            font-size: 16px;
            border: 2px solid #ddd;
            border-radius: 25px 0 0 25px;
            outline: none;
            transition: border-color 0.3s ease;
        }
        
        .search-form input[type="text"]:focus {
            border-color: #4CAF50;
        }
        
        .search-form input[type="submit"] {
            padding: 12px 25px;
            font-size: 16px;
            background-color: #4CAF50;
            color: #fff;
            border: none;
            border-radius: 0 25px 25px 0;
            cursor: pointer;
            transition: background-color 0.3s ease;
        }
        
        .search-form input[type="submit"]:hover {
            background-color: #45a049;
        }
        
        /* 新闻样式 */
        .news-section {
            margin-bottom: 30px;
        }
        
        .section-title {
            margin-bottom: 20px;
            color: #333;
            font-size: 24px;
            font-weight: 600;
            padding-bottom: 10px;
            border-bottom: 3px solid #4CAF50;
            display: inline-block;
        }
        
        .news-item {
            margin-bottom: 25px;
            padding: 20px;
            border-radius: 10px;
            background-color: #ffffff;
            border-left: 4px solid #4CAF50;
            box-shadow: 0 2px 10px rgba(0, 0, 0, 0.05);
            transition: transform 0.3s ease, box-shadow 0.3s ease;
            border: 1px solid #e9ecef;
        }
        
        .news-item:hover {
            transform: translateY(-5px);
            box-shadow: 0 8px 20px rgba(0, 0, 0, 0.1);
        }
        
        .news-item h2 {
            margin: 0 0 15px;
            color: #333;
            font-size: 20px;
            line-height: 1.4;
        }
        
        .news-item p {
            margin: 0 0 10px;
            color: #666;
            line-height: 1.6;
        }
        
        .news-item .date {
            font-size: 0.9em;
            color: #999;
            display: block;
            margin-top: 10px;
        }
        
        /* 轮播图样式 */
        .carousel {
            position: relative;
            width: 100%;
            max-width: 100%;
            margin: 0 auto 30px;
            overflow: hidden;
            border-radius: 10px;
            box-shadow: 0 5px 20px rgba(0, 0, 0, 0.1);
        }
        
        .carousel-inner {
            display: flex;
            transition: transform 0.5s ease;
        }
        
        .carousel-item {
            min-width: 100%;
            box-sizing: border-box;
        }
        
        .carousel-item img {
            width: 100%;
            display: block;
            height: 400px;
            object-fit: cover;
        }
        
        .carousel-control {
            position: absolute;
            top: 50%;
            transform: translateY(-50%);
            background-color: rgba(255, 255, 255, 0.8);
            color: #333;
            border: 1px solid #ddd;
            padding: 15px;
            cursor: pointer;
            font-size: 24px;
            border-radius: 50%;
            width: 50px;
            height: 50px;
            display: flex;
            align-items: center;
            justify-content: center;
            transition: all 0.3s ease;
        }
        
        .carousel-control.prev {
            left: 20px;
        }
        
        .carousel-control.next {
            right: 20px;
        }
        
        .carousel-control:hover {
            background-color: rgba(255, 255, 255, 1);
            transform: translateY(-50%) scale(1.1);
            border-color: #4CAF50;
        }
        
        /* 轮播指示器 */
        .carousel-indicators {
            position: absolute;
            bottom: 20px;
            left: 50%;
            transform: translateX(-50%);
            display: flex;
            gap: 10px;
        }
        
        .carousel-indicator {
            width: 12px;
            height: 12px;
            border-radius: 50%;
            background-color: rgba(255, 255, 255, 0.5);
            cursor: pointer;
            transition: all 0.3s ease;
            border: none;
        }
        
        .carousel-indicator.active {
            background-color: #fff;
            width: 30px;
            border-radius: 6px;
        }
        
        /* 资源下载中心样式 */
        .file-list {
            margin-top: 20px;
        }
        
        .file-item {
            display: flex;
            align-items: center;
            margin: 12px 0;
            padding: 10px;
            background-color: #fff;
            border-radius: 8px;
            transition: all 0.3s ease;
            box-shadow: 0 2px 5px rgba(0, 0, 0, 0.05);
        }
        
        .file-item:hover {
            transform: translateX(5px);
            box-shadow: 0 4px 10px rgba(0, 0, 0, 0.1);
        }
        
        .file-icon {
            margin-right: 10px;
            color: #333;
            font-size: 18px;
        }
        
        .file-item a {
            color: #333;
            text-decoration: none;
            flex: 1;
            transition: color 0.3s ease;
        }
        
        .file-item a:hover {
            color: #555;
        }
        
        /* 功能卡片样式 */
        .features-section {
            margin: 30px 0;
        }
        
        .features-grid {
            display: grid;
            grid-template-columns: repeat(auto-fill, minmax(250px, 1fr));
            gap: 20px;
            margin-top: 20px;
        }
        
        .feature-card {
            background-color: #ffffff;
            border-radius: 10px;
            padding: 25px;
            text-align: center;
            transition: all 0.3s ease;
            box-shadow: 0 2px 10px rgba(0, 0, 0, 0.05);
            border-top: 4px solid #4CAF50;
            border: 1px solid #e9ecef;
        }
        
        .feature-card:hover {
            transform: translateY(-10px);
            box-shadow: 0 8px 20px rgba(0, 0, 0, 0.1);
        }
        
        .feature-icon {
            font-size: 48px;
            margin-bottom: 15px;
            color: #333;
        }
        
        .feature-title {
            font-size: 18px;
            margin-bottom: 10px;
            font-weight: 600;
        }
        
        .feature-desc {
            color: #666;
            margin-bottom: 15px;
        }
        
        .feature-link {
            display: inline-block;
            padding: 8px 20px;
            background-color: #4CAF50;
            color: #fff;
            text-decoration: none;
            border-radius: 20px;
            transition: background-color 0.3s ease;
        }
        
        .feature-link:hover {
            background-color: #45a049;
        }
        
        /* 页脚样式 */
        footer {
            background-color: #f8f9fa;
            color: #333;
            text-align: center;
            padding: 20px 0;
            margin-top: 40px;
            border-top: 1px solid #e9ecef;
        }
        
        .footer-content {
            max-width: 1200px;
            margin: 0 auto;
            padding: 0 20px;
        }
        
        /* 响应式设计 */
        @media (max-width: 992px) {
            .columns {
                flex-direction: column;
            }
            
            .right-column {
                position: static;
                margin-top: 20px;
            }
            
            .search-form input[type="text"] {
                width: 60%;
            }
        }
        
        @media (max-width: 768px) {
            .container {
                padding: 20px;
                margin: 10px;
                width: auto;
            }
            
            .header-content {
                flex-direction: column;
                text-align: center;
                gap: 10px;
            }
            
            .logo {
                height: 50px;
            }
            
            .nav-menu {
                flex-direction: column;
                align-items: center;
            }
            
            .nav-item {
                margin: 5px 0;
                width: 100%;
                text-align: center;
            }
            
            .search-form input[type="text"] {
                width: 100%;
                border-radius: 25px;
                margin-bottom: 10px;
            }
            
            .search-form input[type="submit"] {
                width: 100%;
                border-radius: 25px;
            }
            
            .carousel-item img {
                height: 250px;
            }
            
            .features-grid {
                grid-template-columns: 1fr;
            }
        }
        
        /* 动画效果 */
        @keyframes fadeIn {
            from { opacity: 0; transform: translateY(20px); }
            to { opacity: 1; transform: translateY(0); }
        }
        
        .fade-in {
            animation: fadeIn 0.8s ease-out forwards;
        }
        
        .news-item:nth-child(1) { animation-delay: 0.1s; }
        .news-item:nth-child(2) { animation-delay: 0.2s; }
        .news-item:nth-child(3) { animation-delay: 0.3s; }
        .news-item:nth-child(4) { animation-delay: 0.4s; }
        .news-item:nth-child(5) { animation-delay: 0.5s; }
    </style>
</head>
<body>
    <header>
        <div class="header-content">
            <img src="logo.png" alt="Ai自动化渗透测试靶场" class="logo">
            <h1>Ai自动化渗透测试靶场：解放双手，智能攻防！</h1>
        </div>
    </header>
    
    <!-- 导航栏 -->
    <nav>
        <div class="nav-container">
            <ul class="nav-menu">
                <li class="nav-item"><a href="index.php" class="nav-link">首页</a></li>
                <li class="nav-item"><a href="sql_injection.php" class="nav-link">SQL注入测试</a></li>
                <li class="nav-item"><a href="xss.php" class="nav-link">XSS测试</a></li>
				<li class="nav-item"><a href="files.php" class="nav-link">文件浏览</a></li>
                <li class="nav-item"><a href="admin.php" class="nav-link">后台管理</a></li>
            </ul>
        </div>
    </nav>
    <div class="container">
        <!-- 轮播图 -->
        <div class="carousel">
            <div class="carousel-inner">
                <div class="carousel-item">
                    <img src="images/1.png" alt="Web安全测试环境">
                </div>
                <div class="carousel-item">
                    <img src="images/2.png" alt="SQL注入测试">
                </div>
                <div class="carousel-item">
                    <img src="images/3.png" alt="XSS漏洞测试">
                </div>
                <div class="carousel-item">
                    <img src="images/4.png" alt="文件上传测试">
                </div>
            </div>
            <button class="carousel-control prev" onclick="prevSlide()">&#10094;</button>
            <button class="carousel-control next" onclick="nextSlide()">&#10095;</button>
            <div class="carousel-indicators" id="carouselIndicators"></div>
        </div>

        <!-- 搜索表单 -->
        <form class="search-form" action="" method="GET">
            <input type="text" name="search" placeholder="搜索新闻和资源..." required>
            <input type="submit" value="搜索">
        </form>

        <!-- 功能特性区 -->
        <div class="features-section">
            <h2 class="section-title">靶场功能</h2>
            <div class="features-grid">
                <div class="feature-card">
                    <div class="feature-icon">🔍</div>
                    <h3 class="feature-title">SQL注入</h3>
                    <p class="feature-desc">学习SQL注入原理，掌握常见的注入技术和防御方法。</p>
                    <a href="sql_injection.php" class="feature-link">开始测试</a>
                </div>
                <div class="feature-card">
                    <div class="feature-icon">📝</div>
                    <h3 class="feature-title">XSS攻击</h3>
                    <p class="feature-desc">了解跨站脚本攻击的危害，学习XSS漏洞的发现与利用。</p>
                    <a href="xss.php" class="feature-link">开始测试</a>
                </div>
                <div class="feature-card">
                    <div class="feature-icon">📁</div>
                    <h3 class="feature-title">文件上传</h3>
                    <p class="feature-desc">掌握文件上传漏洞的测试方法，学习安全的文件处理方式。</p>
                    <a href="upload.php" class="feature-link">开始测试</a>
                </div>
                <div class="feature-card">
                    <div class="feature-icon">💻</div>
                    <h3 class="feature-title">命令注入</h3>
                    <p class="feature-desc">学习命令注入漏洞，了解服务器命令执行的安全风险。</p>
                    <a href="ping.php" class="feature-link">开始测试</a>
                </div>
            </div>
        </div>
        
        <!-- 两栏布局 -->
        <div class="columns">
            <!-- 左侧栏目：最新新闻 -->
            <div class="left-column">
                <div class="news-section">
                    <!-- 展示搜索结果或最新新闻 -->
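                    <?php // Search hits are shown when there are any; otherwise the latest-news query result is rendered. ?>
                    <?php if (!empty($searchResults)): ?>
                        <h2 class="section-title">搜索结果</h2>
                        <?php foreach ($searchResults as $row): ?>
                            <div class="news-item fade-in">
                                <h2><?php echo htmlspecialchars($row['title']); ?></h2>
                                <p><?php echo htmlspecialchars($row['content']); ?></p>
                                <?php // published_at comes from the same result row as title/content, so it is escaped the same way. ?>
                                <span class="date">发布时间: <?php echo htmlspecialchars((string) $row['published_at']); ?></span>
                            </div>
                        <?php endforeach; ?>
                    <?php else: ?>
                        <h2 class="section-title">最新新闻</h2>
                        <?php // $result is false when the query failed; treat that like "no news" instead of a fatal error. ?>
                        <?php if ($result && $result->num_rows > 0): ?>
                            <?php while ($row = $result->fetch_assoc()): ?>
                                <div class="news-item fade-in">
                                    <h2><?php echo htmlspecialchars($row['title']); ?></h2>
                                    <p><?php echo htmlspecialchars($row['content']); ?></p>
                                    <span class="date">发布时间: <?php echo htmlspecialchars((string) $row['published_at']); ?></span>
                                </div>
                            <?php endwhile; ?>
                        <?php else: ?>
                            <div class="news-item">
                                <p>暂无新闻。</p>
                            </div>
                        <?php endif; ?>
                    <?php endif; ?>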
                </div>
            </div>

            <!-- 右侧栏目：资源下载中心 -->
            <div class="right-column">
                <h2 class="section-title">资源下载中心</h2>
                <div class="file-list">
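                    <?php if (!empty($files)): ?>
                        <?php
                        // Lower-case file extension => icon shown in front of the file name.
                        $fileIcons = [
                            'jpg' => '🖼️', 'jpeg' => '🖼️', 'png' => '🖼️', 'gif' => '🖼️',
                            'pdf' => '📄',
                            'doc' => '📝', 'docx' => '📝',
                            'zip' => '📦', 'rar' => '📦', '7z' => '📦',
                        ];
                        ?>
                        <?php foreach ($files as $file): ?>
                            <?php
                            // The file name is one URL path segment: percent-encode it so characters
                            // such as '#', '?', '%' or spaces cannot change where the link points.
                            // htmlspecialchars() below then handles the HTML attribute context.
                            $filePath = $uploadDir . rawurlencode($file);
                            $fileExt = strtolower(pathinfo($file, PATHINFO_EXTENSION));
                            $fileIcon = isset($fileIcons[$fileExt]) ? $fileIcons[$fileExt] : '📎';
                            ?>
                            <div class="file-item">
                                <span class="file-icon">
                                    <?php echo $fileIcon; ?>
                                </span>
                                <a href="<?php echo htmlspecialchars($filePath); ?>" download><?php echo htmlspecialchars($file); ?></a>
                            </div>
                        <?php endforeach; ?>
                    <?php else: ?>
                        <p>暂无文件。</p>
                    <?php endif; ?>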
                </div>
            </div>
        </div>
    </div>
    
    <!-- 页脚 -->
    <footer>
        <div class="footer-content">
            <p>&copy; 2025 Ai自动化渗透测试靶场 | 仅用于安全测试学习</p>
            <p style="margin-top: 10px; font-size: 14px;">靶场提供Web安全测试环境，涵盖SQL注入、XSS、文件上传等多种常见漏洞</p>
        </div>
    </footer>

    <script>
        // Carousel state shared by the carousel functions in this script.
        const slides = document.querySelectorAll('.carousel-item');
        const totalSlides = slides.length;
        const indicatorsContainer = document.getElementById('carouselIndicators');
        let currentIndex = 0; // index of the slide currently shown
        let slideInterval;    // timer id of the auto-advance interval
        
        // Create one indicator button per slide and append it to the indicator container.
        function createIndicators() {
            let slideNo = 0;
            while (slideNo < totalSlides) {
                const target = slideNo; // fixed per button so the click handler jumps to the right slide
                const dot = document.createElement('button');
                dot.classList.add('carousel-indicator');
                dot.classList.toggle('active', target === currentIndex);
                dot.setAttribute('data-index', target);
                dot.addEventListener('click', () => goToSlide(target));
                indicatorsContainer.appendChild(dot);
                slideNo += 1;
            }
        }
        
        // Mark the indicator of the current slide as active and clear the others.
        function updateIndicators() {
            const dots = document.querySelectorAll('.carousel-indicator');
            for (const [position, dot] of dots.entries()) {
                dot.classList.toggle('active', position === currentIndex);
            }
        }
        
        // Shift the slide track so that the slide at `index` is visible, then refresh the indicators.
        function showSlide(index) {
            const track = document.querySelector('.carousel-inner');
            const shiftPercent = -index * 100; // each slide is 100% of the carousel width
            track.style.transform = 'translateX(' + shiftPercent + '%)';
            updateIndicators();
        }
        
        // Jump directly to the slide at `index` and restart the auto-advance timer.
        function goToSlide(index) {
            currentIndex = index;
            showSlide(index);
            resetInterval();
        }
        
        // Advance to the next slide, wrapping from the last slide back to the first.
        function nextSlide() {
            const following = currentIndex + 1;
            currentIndex = following % totalSlides;
            showSlide(currentIndex);
        }
        
        // Go back one slide, wrapping from the first slide to the last.
        function prevSlide() {
            // Adding totalSlides keeps the left operand of % non-negative.
            const preceding = currentIndex - 1 + totalSlides;
            currentIndex = preceding % totalSlides;
            showSlide(currentIndex);
        }
        
        // Restart the auto-advance timer: cancel the running one and schedule a new one.
        function resetInterval() {
            const autoAdvanceMs = 5000; // switch slides every 5 seconds
            clearInterval(slideInterval);
            slideInterval = setInterval(nextSlide, autoAdvanceMs);
        }
        
        // Set up the carousel: build the indicators, start auto-advance and wire hover pausing.
        function initCarousel() {
            createIndicators();
            resetInterval();

            // Auto-advance is paused while the pointer is over the carousel and resumes on leave.
            const carouselRoot = document.querySelector('.carousel');
            const pauseAutoplay = () => {
                clearInterval(slideInterval);
            };
            const resumeAutoplay = () => {
                resetInterval();
            };
            carouselRoot.addEventListener('mouseenter', pauseAutoplay);
            carouselRoot.addEventListener('mouseleave', resumeAutoplay);
        }
        
        // Initialise the carousel once the document has been parsed.
        document.addEventListener('DOMContentLoaded', initCarousel);

        // Block submission of a blank search and flag the input for one second.
        // This is a usability check in the browser only; it does not constrain what a request can send.
        const searchForm = document.querySelector('.search-form');
        searchForm.addEventListener('submit', (e) => {
            const searchInput = e.currentTarget.querySelector('input[name="search"]');
            const isBlank = searchInput.value.trim() === '';
            if (!isBlank) {
                return;
            }
            e.preventDefault();
            searchInput.classList.add('error');
            setTimeout(() => searchInput.classList.remove('error'), 1000);
        });
        
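        // Smooth scrolling for in-page links (href starting with "#").
        // The target is looked up by id instead of passing the href to querySelector():
        // a bare "#" or an id that is not a valid CSS selector would make querySelector() throw.
        document.querySelectorAll('a[href^="#"]').forEach(anchor => {
            anchor.addEventListener('click', function(e) {
                e.preventDefault();
                const fragment = this.getAttribute('href').slice(1);
                const target = fragment === '' ? null : document.getElementById(fragment);
                if (target) {
                    target.scrollIntoView({
                        behavior: 'smooth'
                    });
                }
            });
        });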
    </script>
</body>
</html>
<?php
// Release the database connection now that the page has been rendered.
mysqli_close($conn);
?>